Who's online

There are currently 0 users and 39 guests online.

Recent comments

April 2010

SANS 2010 CWE/SANS Top 25 Most Dangerous Programming Errors

SANS, Mitre and a lot of security experts have just completed the top 25 most dangerous programming errors list. This is a really useful resource and anyone developing code not just against Oracle but in general should be concerned to....[Read More]

Posted by Pete On 23/02/10 At 01:42 PM

10g and 11g PL/SQL Unwrapper source code available

I was emailed by an old friend of mine at the weekend to point me at Niels Teusink's blog post about his new 10g/11g PL/SQL unwrapper written in python. There have been a number of unwrappers available over the years....[Read More]

Posted by Pete On 14/04/10 At 10:28 AM

Secure External Password Store

Paul has made a nice post on his blog about the use of the secure external password store and specifically he has compared the use of a Wallet to that of storing a password in a text file (such as....[Read More]

Posted by Pete On 12/04/10 At 12:17 PM

Java forensics and Apps Security (twice)

I made a note of Pauls recent post to his blog titled " Java Forensics In Oracle " with an intention to mention it here but never got much time over the last few weeks to blog. This is a....[Read More]

Posted by Pete On 09/04/10 At 03:43 PM

Webinar Recording and Laszlo's TNS hijack and downgrades Presentation

I did a very successful pair of webinars for Sentrigo earlier this month on the 9th and 11th of March on the subject of an "Oracle Security Master Class". The USA webinar was recorded by Sentrigo and is available from....[Read More]

Posted by Pete On 25/03/10 At 12:30 PM

A paper on Sentrigo Hedgehog and Pete Finnigan webinar slides

I did two webinars this week with Sentrigo titled "The right way to Secure Oracle", these went well. The slides for the talks have been added to my Oracle Security white papers page . I have also written a short....[Read More]

Posted by Pete On 12/03/10 At 01:59 PM

Rule Rules

Everybody knows you shouldn’t be using the Rule-based optimizer (RBO) any more – everyone, that is, except some of the folks at Oracle Corp. I had a conversation a few weeks ago with someone who was having a problem with their standby database on 10.2 because a query against v$archive_gap was taking a very long [...]

Funny Developer Tricks - first_rows(999999999)

I ran across a funny SQL statement recently (funny strange, not funny ha ha - well actually funny ha ha too I guess). It had a first_rows hint like so:

So What Is A Good Cardinality Estimate For A Bitmap Index Column ? (Song 2)

As I’ve discussed previously, using a Bitmap index on a unique column makes little sense as the underling index must be larger than a corresponding B-tree index due to the implicit additional overheads associated with Bitmap indexes. As such, Oracle doesn’t permit the use of a Bitmap Index on a declared unique column or to [...]

Statistics on Partitioned Tables - Part 6a - COPY_TABLE_STATS - Intro

[Phew. At last. The first draft of this was dated more than two weeks ago .... One of the problems with blogging about copying stats was the balance between explaining it and pointing out some of the problems I've encountered. So I've broken up this post, with a little explanation first ...]

Oracle have a lot of on-site consultants, designers and developers who are out working with customers on very large databases and they no doubt have their own internal systems too, so you shouldn't make the mistake of thinking they're unaware of the problems that people face in gathering accurate and timely statistics on large partitioned tables. I don't say that based on any inside knowledge but by

  • Attending conferences, listening to presentations, reading White Papers and blog posts; and
  • Because they are constantly introducing new features to try to address the issues.

Over the next few posts, I'll look at some of those new features, some of which appear more successful than others. First of all, copying statistics using DBMS_STATS.COPY_TABLE_STATS.

Copying stats is a variation of a technique I've seen used on a couple of Oracle Data Warehouse projects in the past where we decided that spending time and system resources gathering object statistics wasn't useful. Think about some of the problems you'll face when gathering stats on large partitioned objects that I've highlighted so far :-

  • It takes time.
  • It sucks system resources.
  • As you change your strategy and the parameters to reduce the resource and time consumption, the stats are likely to be less accurate.

Then consider why we're gathering these stats in the first place :-